Skip to main content

Asylo CVE-2020-8904

CRITICAL
Use of Out-of-range Pointer Offset (CWE-823)
2020-08-12 cve-coordination@google.com
9.6
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.6 CRITICAL
AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Aug 12, 2020 - 19:15 nvd
CRITICAL 9.6

DescriptionNVD

An arbitrary memory overwrite vulnerability in the trusted memory of Asylo exists in versions prior to 0.6.0. As the ecall_restore function fails to validate the range of the output_len pointer, an attacker can manipulate the tmp_output_len value and write to an arbitrary location in the trusted (enclave) memory. We recommend updating Asylo to version 0.6.0 or later.

AnalysisAI

An arbitrary memory overwrite vulnerability in the trusted memory of Asylo exists in versions prior to 0.6.0. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, low attack complexity.

Technical ContextAI

This vulnerability is classified under CWE-823. An arbitrary memory overwrite vulnerability in the trusted memory of Asylo exists in versions prior to 0.6.0. As the ecall_restore function fails to validate the range of the output_len pointer, an attacker can manipulate the tmp_output_len value and write to an arbitrary location in the trusted (enclave) memory. We recommend updating Asylo to version 0.6.0 or later. Affected products include: Google Asylo. Version information: prior to 0.6.0..

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

More in Asylo

View all
CVE-2021-22552 MEDIUM POC
5.5 Aug 02

An untrusted memory read vulnerability in Asylo versions up to 0.6.1 allows an untrusted attacker to pass a syscall numb

CVE-2020-8944 MEDIUM POC
5.5 Dec 15

An arbitrary memory write vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to eca

CVE-2021-22550 HIGH
7.8 Jun 08

An attacker can modify the pointers in enclave memory to overwrite arbitrary memory addresses within the secure enclave.

CVE-2021-22549 HIGH
7.8 Jun 08

An attacker can modify the address to point to trusted memory to overwrite arbitrary trusted memory. Rated high severity

CVE-2021-22548 HIGH
7.8 Jun 08

An attacker can change the pointer to untrusted memory to point to trusted memory region which causes copying trusted me

CVE-2020-8935 HIGH
7.8 Dec 15

An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allow an attacker to make an Ecall_restore fun

CVE-2020-8905 MEDIUM
6.5 Aug 12

A buffer length validation vulnerability in Asylo versions prior to 0.6.0 allows an attacker to read data they should no

CVE-2020-8943 MEDIUM
5.5 Dec 15

An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to enc_

CVE-2020-8942 MEDIUM
5.5 Dec 15

An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to enc_

CVE-2020-8941 MEDIUM
5.5 Dec 15

An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to enc_

CVE-2020-8940 MEDIUM
5.5 Dec 15

An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to enc_

CVE-2020-8939 MEDIUM
5.5 Dec 15

An out of bounds read on the enc_untrusted_inet_ntop function allows an attack to extend the result size that is used by

Share

CVE-2020-8904 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy